I am trying to connect a miNifi instance on my local computer to a remote Nifi secured cluster.
I connect to this cluster using ssh (Putty) with ports tunneling, so I can access to the remote cluster by https://localhost:8443/nifi.
I have done the following:
Added to miNifi config.yml, the trustore and keystore, and nifi-cert.pem generated; with the following command:
tls-toolkit.sh client -c -t -p -D "CN=test, OU=NIFI" -T PKCS12 --subjectAlternativeNames localhost
Added the following user to Nifi : "CN=test, OU=NIFI"
When I run miNifi I got the following error:
Certificate for '<'localhost'>' doesn't match any of the subject alternative names: [pft.com, pft.com]
I am kind of lost with TLS / SSL configuration, and I am not really sure that what I want to achieved is possible.
I will greatly appreciate your help!
I solved my problem. Maybe it will help some:
I guess a secured cluster have pre-registred nodes names, such It didn't reconized localhost as a certified node; that is why the error was thrown.
What I did is changing in the system, the localhost name to the node name. Such I can acces to the cluster by https://cluster-nodes-names:8443/nifi. Et voila!